CLAIMS 



We claim: 

1. \A collaboration space, comprising: 

a palace comprising a plurality of rooms linked by 
pointers; 

a member directory for said place identifying users 
authorized enter said place; and 

each said room comprising one or more pages, and for 
each said room a members object for identifying members 
authorized to access\said room and for each member a 
level of authorization a 



2. The collaboration space of claim 1, said levels of 
authorization including manager, autWor, and reader. 



3. The collaboration space of claim 1, sard rooms 
including a parent room and a child room, and \aid pointers 
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comprising forward and backward pointers for enabling the 
security of each said room to be independently managed. 

4. The Collaboration space of claim 3, each said forward 
pointer further comprising a readers field, said readers 
field including an access authority for each reader 
authorized to enter said room. 

5. The collaboration space of claim 3, each said forward 
pointer being secure Vointer. 

6. The collaboration spate of claim 5, each said forward 
pointer carrying the same security as that of the subroom to 
which it points. \ 

7. The collaboration space of cl\im 6, further comprising 
a display for presenting to a specific user viewing a parent 
room a listing of its subrooms, said listing including for 
said specific user only those subrooms ior which a readers 
field in said forward pointer includes an\entry authorizing 
access by said specific user. \ 
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1 Qs. A database access control system, comprising: 

2 an access control list for specifying users who can or 

3 caraiot access said database; 

4 for usets authorized to access said database, said 

5 access control list further specifying access levels 

6 and roles qetermining the specific actions said users 

7 are authorized to perform, said roles including reader, 

8 author, and manager; 

9 a form selectively^ including a form access list; 

10 said database including one or more documents created 

11 from said form; \ 

12 said form access list identifying users authorized to 

13 read documents created from^aid form; 

14 each said document including a document access field 

15 selectively including a readers rield and an authors 

16 field for controlling who can read\or modify said 

17 document; users identified in any said form access list 

18 for said form from which said document was created 
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19 being included in said readers field; 

20 entrres in said readers field granting authorization to 

21 an individual user equal to or less than the 

22 authorization for said individual user in said access 

23 control lisV; and 

entries in saidNauthors field selectively granting 

25 authorization to k user authorized as an author in said 

26 access control listYto edit a document which said 

27 author creates. \ 

1 9. A method for controlling aacess to rooms within a 

2 collaboration place, comprising tire steps of: 

3 maintaining for said collaboration place an access 

4 control list identifying those users authorized to 

5 enter said place; \ 

6 providing pointers linking said rooms wYthin said 

7 place, said pointers including forward pointers having 

8 a readers field; \ 

9 displaying a parent room to a specific user,\?aid 
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10 \ parent room including a list of children rooms for 

11 ^which said readers fields authorize said specific user 

12 aocess. 

1 10. A method Vor creating a child room within a 

collaboration plWce data base, comprising the steps of: 

3 providing for said data base an access control list 

4 identifying userss authorized to access said data base; 

5 providing for said qhild room a back pointer to a 

6 parent room; and \ 

7 providing at said parent Yoom for said child room a 

8 forward pointer from said parent room, said pointer 

9 including a readers access faSeld listing users 
10 authorized to access said chilcl room. 

1 11. The method of claim 10, further comprising the steps 

2 of: \ 

3 limiting reader access in said readers access field to 

4 said child room for a specific user to no more than the 
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^access granted said specific user in said access 
control list. 



1 12. The method of claim 11, further comprising the step of 

2 initially including in said readers access field for a 

3 child room crveated from a form users identified in a 
jh form access liatt identifying users authorized to read 
Sr rooms created frWi said form. 

1 13. A program storage deVice readable by a machine, 

2 tangibly embodying a prograik of instructions executable by a 

3 machine to perform method steRS for controlling access to 

4 rooms within a collaboration pltece, said method steps 

5 comprising: \ 

6 maintaining for said collaboration place an access 

7 control list identifying those uasers authorized to 

8 enter said place; \ 

9 providing pointers linking said rooms\within said 

0 place, said pointers including forward Vointers having 

1 a readers field; and y 

\ 
\ 
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daying a parent room to a specific user, said 
rent room including a list of children rooms for 
whicnvsaid readers fields authorize said specific user 



access . 
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14. An article of Manufacture comprising: 

a computer useable\medium having computer readable 
program code means embodied therein for controlling 
access to rooms withiV a collaboration place, the 
computer readable program means in said article of 
manufacture comprising: 
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computer readable program ccide means for causing a 
computer to effect maintaining for said collaboration 
place an access control list identifying those users 
authorized to enter said place; 

\ 

computer readable program code mean^ for causing a 
computer to effect providing pointerX linking said 
rooms within said place, said pointers ^including 
forward pointers having a readers field; \and 

computer readable program code means for calling a 

\ 
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16 computer to effect displaying a parent room to a 

17 specific user, said parent room including a list of 

18 children rooms for which said readers fields authorize 

19 said specific user access, 

1 15. A computer progr A product or computer program element 

2 for controlling access t\ rooms within a collaboration place 

3 according to the steps of:\ 

4 maintaining for said collaboration place an access 

5 control list identifying tnr>se users authorized to 

6 enter said place; \ 

7 providing pointers linking said\rooms within said 

8 place, said pointers including foVward pointers having 

9 a readers field; \ 

10 displaying a parent room to a specif icX user, said 

11 parent room including a list of children*, rooms for 

12 which said readers fields authorize said specific user 

13 access, \ 
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